Customer Reviews

Sarbanes-Oxley and the New Internal Auditing Rules

5 star:		(2)
4 star:		(1)
3 star:		(1)
2 star:		(1)
1 star:		(0)

 

 

This book is essential reading for anyone involved in internal audits per Sarbanes-Oxley, including auditing professionals and senior management whose business or technical domains are affected (i.e., all senior managers).

The focus is on auditing from the practitioner's point of view, and Chapter 2 shines because it summarizes SOA and how it affects internal audit as a function and as a practice. This material encompasses relationships with external auditors and with the audit committee, which are important parts of SOA. A further tie to the audit committee is given in detail in Chapter 3.

Chapter 5, 'COSO, Section 404, and Control Self-Assessments' is the heart of this book in many respects. However, as an IT consultant I found Chapters 6, 7 and 9 more aligned to what I do - and the reason why I cited the audience of this book as wider than auditing practitioners. For example, the inclusion of CobiT (Control Objectives for IT) in Chapter 6, Disaster Recovery and Continuity Planning (Chapter 7) and Enterprise Risk Management, Privacy, and Other Legislative Initiatives (Chapter 9) are directly or indirectly related to IT, and the information I gleaned from those chapters helped to place SOA within the context of my profession's support requirements and IT auditing. I was also surprised and gratified to find ITIL best practices, which is an international standard for IT infrastructure management, including service delivery and service support. Again, this information shows how far reaching SOA is, and the need for all managers to fully understand their roles and how SOA will affect the way they operate and manage their functional areas.

Of course, for professional auditors, the chapters on Internal Audit Fraud Detection and Prevention (8), Rules and Procedures for Internal Auditors Worldwide (10), and Continuous Assurance Auditing Future Directions (11) round out this comprehensive book. As a non-practitioner I found it to be clearly written and, in many respects, enlightening. The breadth of topics and the depth into which they are delved is impressive.

Despite Mr. Moeller's "brand-name appeal", I must confess I found this book disappointing. The title promises too much perhaps; how can mere 300 pages cover the matter for a practitioner? Written in an informal style, it paints on a broad canvas -- the kind of material that would do well for an after dinner-talk for auditors, but most definitely lacks depth and specificity. It could be useful for students or business managers, but is unlikely to help a professional auditor much.
Browse through it first to see if it answers your needs before putting down your money.

This book provides a comprehensive overall view on Sarbanes Oxley and other evolving internal audit standards and practices. Moeller has taken an extended view on the roles of internal auditor to include that of quality auditors for ASQ and ISO.

I find the book useful for general knowledge on what internal audit entails. However, this book has its limitation for practising internal auditors who are seeking in depth working tools to meet their professional requirements.

I have not worked in any large organizations, but by reading this book I feel better prepared to meet the demands that corporations often face in today's heavily regulated environment. I am pleased that I purchased it.

I read this in anticipation of doing a CobiT audit, and I wanted some orientation regarding the audit function. I found definitions and a good bit of useful material regarding audit project planning. There's also some interesting stuff on the Enron scandal and why it came about.

Despite minor errors and a weak chapter on data warehouses and service-oriented architecture, this book can serve as an excellent introduction not only to Sarbanes-Oxley, but to COSO, CobiT, Enterprise Risk Management, business impact analysis, disaster recovery, business continuity planning, and even ITIL. But this book is from 2003. Moeller has at least one newer book.